ESET Security for Microsoft SharePoint
 
ESET Security for Microsoft SharePoint – Table of Contents

Brute-force attack protection

Brute-force attack protection blocks password-guessing attacks for RDP and SMB services. A brute-force attack is a method of discovering a targeted password by systematically trying all possible combinations of letters, numbers, and symbols.

Enable Brute-force attack protection—ESET Security for Microsoft SharePoint inspects network traffic content and blocks the attempts of password-guessing attacks.

Rules—Create, edit and view rules for incoming and outgoing network connections.

Limit incoming RDP connections—Enables you to restrict RDP connections to the networks listed in the Trusted zone IP set (recommended). Go to Network access protection > IP sets and edit Trusted zone IP set to include networks, IP addresses, or IP address ranges from which you specifically allow RDP connections to the server. Alternatively, you can create a new IDS rule under Network attack protection. Click Edit next to IDS rules > Add > select Limited RDP connection from the Detection drop-down menu.

Note

If you perform an attended fresh installation locally on the server, the Limit incoming RDP connections to is set to Trusted zone by default. If you perform an installation remotely over RDP, the Limit incoming RDP connections to is set to All networks by default. This setting is meant to be temporary and to prevent your RDP connection from being cut off until you configure the Trusted zone.

In both cases, we recommend configuring the Trusted zone to include networks, IP addresses, or IP address ranges from which you specifically allow RDP connections to the server. Go to Network access protection > IP sets and edit Trusted zone IP set. After configuring the Trusted zone IP set to your needs, change the Limit incoming RDP connections to use the Trusted zone from the previous All networks setting to secure your server and take advantage of the RDP access restriction feature while having the RDP fully functioning within your company networks.

If you are using the firewall component, Limit incoming RDP connections to setting is not present. Configure the firewall to secure RDP according to your requirements.

Exclusions—List of excluded detections defined by an IP address or application path. You can create and edit exclusions in ESET PROTECT On-Prem Web Console.

Note

For more information about Brute-force attack protection, see the ESET Digital Security Guide article.